Editor's Blog6 mins ago
Making It Near Impossible
58 Answers
Some organisations/institutions are particularly inclined to make bad choices. Now the news from my bank is that I must be at home whenever I want to log into my online banking, and they say this is by order of the Government's Ombudsman. They are going to insist on me using a "one time password" which they are going to give me by telephone. I don't have and don't want a mobile phone so unless they provide me with one they are insisting I return to base every time I want to do online banking - why not just tell me I have to go to my branch, regardless of where I may be travelling ? If this really is at the Ombudsman's instigation then my opinion of it has sunk lower than it was. What is wrong with a random number generator which has worked and still works very well in the UK and elsewhere ?
They say this is a UK-wide requirement so that should mean everyone is in the same boat, regardless of which bank they use. Can anyone tell me what they mean by one-time password ? Is it one that will only be required once or is it one that becomes invalid in a short time and they will/may go through this nonsense repeatedly, just to make absolutely certain you/I are driven up the wall and/or cannot use online banking. The insistence that this increases security is of course correct - if you make it impossible for people to use the system then it is perfectly secure. Another brilliant scheme dreamt up by incompetents - and it is nonsense to say "Everybody has a mobile", they shouldn't have to and they don't.
They say this is a UK-wide requirement so that should mean everyone is in the same boat, regardless of which bank they use. Can anyone tell me what they mean by one-time password ? Is it one that will only be required once or is it one that becomes invalid in a short time and they will/may go through this nonsense repeatedly, just to make absolutely certain you/I are driven up the wall and/or cannot use online banking. The insistence that this increases security is of course correct - if you make it impossible for people to use the system then it is perfectly secure. Another brilliant scheme dreamt up by incompetents - and it is nonsense to say "Everybody has a mobile", they shouldn't have to and they don't.
Answers
Best Answer
No best answer has yet been selected by KARL. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.Different banks have different ways of dealing with this problem. eg, HSBC give you a small stand-alone device which will generate a code for you, Nationwide give you a larger machine into which you insert your Debit Card and that generates a code for you. This allows you to use internet banking anywhere ie, no telephone required. Perhaps now is the time to move your account.
I had the same trouble with Visa: they instituted a system by which they'd send a code to my non-existent mobile. No provision for calling my landline. (It's actually the retail outlets who shoose what system to use rather than Visa, but this one seemed to be used by most retailers.) So yes, I've had to switch to Mastercard for online purchases. Visa's loss. You may need to switch too.
bednobs, it's not my banks fault that I am not a member of the Playboy Club in Outer Mongolia either, should they choose to route all communications via there - would that too be a reasonable choice ? It is impossible if I happen to be away from home - perhaps for weeks.
bhg, yep, random number generators, I have one for another bank - would switch the business except the sensible one is abroad.
jno, isn't it marvellous how narrow minded some businesses can be, they don't appear to think beyond their tunnel.
bhg, yep, random number generators, I have one for another bank - would switch the business except the sensible one is abroad.
jno, isn't it marvellous how narrow minded some businesses can be, they don't appear to think beyond their tunnel.
This link exlains the different types of 2FA (two-factor authentication) that are in use:
https:/ /www.nc sc.gov. uk/guid ance/se tting-t wo-fact or-auth enticat ion-2fa
The main ones use mobile devices (phones or tablets) but some accounts also offer backup codes (which don't require access to a phone).
https:/
The main ones use mobile devices (phones or tablets) but some accounts also offer backup codes (which don't require access to a phone).
It's not that long ago, Karl, that people resisted the idea of online or mobile banking entirely. Most of them got over it. You have to go with the flow or get left behind and life becomes awkward.
Get yourself a cheap mobile. Mine costs me £6 a month and is very handy when I'm out and about. I don't use if for TwitFace or any of that nonsense. In fact I don't use it much at all except to say I'll be early/late/not there at all when I'm meeting people or to call a cab when I've finished boozing. I don't do any banking when I'm away from home but if I needed to I would be able to. Times change and we should change with them.
Get yourself a cheap mobile. Mine costs me £6 a month and is very handy when I'm out and about. I don't use if for TwitFace or any of that nonsense. In fact I don't use it much at all except to say I'll be early/late/not there at all when I'm meeting people or to call a cab when I've finished boozing. I don't do any banking when I'm away from home but if I needed to I would be able to. Times change and we should change with them.
I think they are catering for the vast majority of internet banking users who do now have mobiles. Why not get a basic mobile phone that you never use to make or receive calls except from your bank. Or discuss alternatives with them . Or stop doing internet banking. Or look for another bank. I don't think anyone here can change the direction of travel on this.
I feel very confident using 2 factor authentication through my mobile phone. I used to use one of those pass code generator devices but I didn't carry it around with me so could only use it at home. I much prefer the one time passcode sent to my phone and it is secure. In fact I believe the banks phone apps to be more secure for all aspects on online banking than the websites, providing you are not using a public wifi - and they are certainly very simple to use.
As others have said, you can own and run a mobile phone very cheaply and it is unreasonable to expect businesses to cater for a very small minority of people.
As others have said, you can own and run a mobile phone very cheaply and it is unreasonable to expect businesses to cater for a very small minority of people.
I still don't use mobile banking. Don't see the need to take unnecessary risks in public. Much is done in branch where one can converse with another human being, a basic courtesy, the least one should expect from an organisation using one's worldly wealth for their own profit. A quick checks of one's account balance or statement is best done from home anyway.
It's been regretfully made more of a pain recently. Time was when as long as one wasn't transferring money, a simpler password arrangement was sufficient. But an attack of paranoia seems to have resulted in banks making life more difficult for the customer now. Even balance/statement checks need either an electronic tech card thingy (which is anything but instinctive) to provide pass codes, or a mobile phone to do the same thing. All very regrettable.
If banks wanted to make things more secure they should start with checking all provided data when a money transfer demand arrives, not just note a couple of items and going ahead regardless.
It's been regretfully made more of a pain recently. Time was when as long as one wasn't transferring money, a simpler password arrangement was sufficient. But an attack of paranoia seems to have resulted in banks making life more difficult for the customer now. Even balance/statement checks need either an electronic tech card thingy (which is anything but instinctive) to provide pass codes, or a mobile phone to do the same thing. All very regrettable.
If banks wanted to make things more secure they should start with checking all provided data when a money transfer demand arrives, not just note a couple of items and going ahead regardless.
I'm presently running down my account at one bank and building up another simply because the first bank's local branch decided it couldn't be bothered with customers, put in a load of machines, and removed the counters. And that's all one can do, if your local branch becomes utterly useless vote with your feet. Although one sees that eventually one might have to consider trying the same with one's nation. This one seems determined to take away basic services from citizens and try to push them around. One had hoped for better from a western democracy. One wonders where is left that treat folk with basic respect.
NJ and others, I have no wish to persuade those who have and use mobile phones to stop using them (just put our conversation above/before constantly checking or even answering the thing until we are finished). Those who pay for a mobile phone to access their bank account are paying for banking - in such cases banks demanding a mobile phone are inducing business for mobile phone companies. How nice/sweet/charming is that ? Why don't banks instead do a deal with some mobile phone company for a dirt cheap/simple device and SIM, then issue those to those who don't have and don't want a mobile phone, it would be more versatile yet possibly only slightly dearer than a random number generator. If I had a mobile phone (i.e. capable of calling out as well as receiving calls) I would not want to give the number to anyone any more than handing out my various passwords. David Small, my sentiments entirely.